688f9fddb0cd9c94a8d9c4143121f5a5c02839266e83cf9dc7d0ac9ae0eb18e6

Sharing

Copy URL Twitter E-mail

General

Target

688f9fddb0cd9c94a8d9c4143121f5a5c02839266e83cf9dc7d0ac9ae0eb18e6
Size

3.3MB
MD5

558338f5a3b0be0df0035ac01e23cdd1
SHA1

bcb1cc913ee650ca7dccc4121729fa73c6c8207e
SHA256

688f9fddb0cd9c94a8d9c4143121f5a5c02839266e83cf9dc7d0ac9ae0eb18e6
SHA512

767ff207e74cacc9ae57df9beb74105b2464e1066076ca87afb52148996ed3f6ca2a468fe0d5f1ada75af9cc2b70d8835d41224cb7679505bc5cad25097e46d9
SSDEEP

49152:JmkDJLp1IbGS+K2CIAAEMVY8OHaRAL60TXj/Nt92K9fFdHdvIQ/NbH:hDL1MAEMHQLvzdvIQlb

Score

N/A

Malware Config

Signatures

Files

688f9fddb0cd9c94a8d9c4143121f5a5c02839266e83cf9dc7d0ac9ae0eb18e6
.exe windows x86

a2bbcd35dc0a81e855671c58768b84d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

soundlib

CreateSoundLib

winmm

timeGetTime

ss3dgfunc

_CrossProduct@12
_COLORtoDWORD@16
_MatrixMultiply2@12
_TransformV3TOV4@16
_Normalize@8
_VECTOR3Length@4
_WriteTGA@24
_RotatePositionWithPivot@24
_SetRotationXMatrix@8
_SetRotationYMatrix@8
_TransformVector3_VPTR2@16
_SetInverseMatrix@8
_CalcDistance@8

wsock32

WSAStartup
WSACleanup
gethostbyname
ioctlsocket
inet_addr
htons
socket
connect
send
recv
closesocket

dinput8

DirectInput8Create

kernel32

GetExitCodeProcess
GetLocaleInfoW
SetStdHandle
InterlockedIncrement
InterlockedExchange
GetProcAddress
GetModuleHandleA
VerifyVersionInfoA
VerSetConditionMask
ExitProcess
Sleep
CreateThread
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
CloseHandle
WriteProcessMemory
OpenProcess
GetCurrentProcessId
GetLastError
GetCurrentProcess
DuplicateHandle
GetProcessId
WaitForSingleObject
CreateDirectoryA
FormatMessageA
lstrcpyA
IsBadReadPtr
GetCurrentThreadId
CreateFileA
lstrcatA
LoadLibraryA
GetModuleFileNameA
SetUnhandledExceptionFilter
lstrcpynA
GetTickCount
FreeLibrary
GetLocalTime
MultiByteToWideChar
GetVersionExA
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpiA
ResumeThread
InterlockedDecrement
DeviceIoControl
IsDBCSLeadByte
lstrlenA
GetCurrentDirectoryA
MulDiv
OutputDebugStringA
QueryDosDeviceA
GetLogicalDriveStringsA
Process32Next
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
CreateProcessA
VirtualQuery
InitializeCriticalSection
TerminateThread
GetCurrentThread
Thread32Next
Thread32First
ReadFile
WriteFile
GlobalFree
GetSystemTime
SetFileAttributesA
GetTempPathA
CopyFileA
GetSystemDefaultLangID
WideCharToMultiByte
LCMapStringA
FileTimeToLocalFileTime
OpenFile
lstrcmpA
SetCurrentDirectoryA
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryW
DebugBreak
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetTimeZoneInformation
HeapSize
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetProcessHeap
GetConsoleCP
SetHandleCount
VirtualAlloc
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
CreateFileW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenW
TerminateProcess
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
RtlUnwind
HeapReAlloc
HeapAlloc
GetModuleHandleW
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
GetStartupInfoA
GetCommandLineA
ExitThread
GetSystemTimeAsFileTime
GetFileAttributesA
FileTimeToSystemTime
OpenThread
GetFileSize

user32

RegisterHotKey
MessageBoxA
FindWindowA
FindWindowExA
wsprintfA
ShowCursor
UpdateWindow
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
IsClipboardFormatAvailable
GetClipboardData
GetWindowThreadProcessId
PostQuitMessage
CharPrevA
CharNextA
GetDC
ReleaseDC
OffsetRect
LoadCursorFromFileA
CopyRect
GetClientRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SendMessageA
SetRect
PostMessageA
SetCursor
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
RegisterClassExA
DefWindowProcA
EndDialog
GetSystemMetrics
CreateWindowExA
ShowWindow

gdi32

GetDeviceCaps
SelectObject
GetTextExtentPoint32A
CreateFontIndirectA
DeleteObject
GetStockObject

advapi32

RegCloseKey
RegQueryInfoKeyA
LookupAccountSidA
GetTokenInformation
OpenProcessToken
GetUserNameA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoInitialize
CoFreeUnusedLibraries

oleaut32

VariantInit
VariantClear
SysFreeString
SysAllocString
SetErrorInfo
VariantChangeType
CreateErrorInfo
GetErrorInfo

freeimage

_FreeImage_GetInfo@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_GetBits@4
_FreeImage_SaveJPEG@12
_FreeImage_Load@12
_FreeImage_Unload@4

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameA

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 798KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

��u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a2bbcd35dc0a81e855671c58768b84d9

Headers

DLL Characteristics

File Characteristics

Imports

soundlib

winmm

ss3dgfunc

wsock32

dinput8

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

freeimage

iphlpapi

psapi

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 301KB - Virtual size: 301KB

.data Size: 798KB - Virtual size: 1.1MB

.idata Size: 9KB - Virtual size: 9KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 117KB - Virtual size: 116KB

�����u� Size: 16KB - Virtual size: 20KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 301KB - Virtual size: 301KB

.data
Size: 798KB - Virtual size: 1.1MB

.idata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 117KB - Virtual size: 116KB

��u�
Size: 16KB - Virtual size: 20KB